26 to 50 of 269 Incident Response Jobs in the UK excluding London

Clearance Hybrid work model OUTSIDE IR35 Job Requirements Spec: - end-to-end technical leadership, architecture, and delivery oversight of Network Detection & Response (NDR) and Extended Detection & Response (XDR) solutions using Darktrace and Microsoft Defender - secure, scalable, and successful implementation of advanced detection technologies that enhance organisational threat visibility … improve incident response capability, and support a modern security operations function. - close collaboration with cybersecurity, infrastructure, networking, SOC analysts, service owners, and senior stakeholders to align technical designs with security strategy, operating models, and business needs. - definition of the target architecture for Darktrace NDR and Microsoft Defender ...

platforms and services. Apply software engineering principles to improve reliability, scalability, performance and operability. Contribute to technical strategy, standards and long-term platform evolution. Incident Management & Resilience Lead and participate in incident response, root cause analysis and blameless post-mortems. Use data and observability to reduce mean … . Deep understanding of Linux, networking, distributed systems and cloud platforms. Experience with infrastructure-as-code and automation (e.g. Terraform, Ansible, CloudFormation). Strong incident response, troubleshooting and fault-analysis skills using a scientific, data-driven approach. Experience with observability: metrics, logging, tracing, alerting and performance analysis. Ability ...

Operations Centre • Coordinate penetration testing, cybersecurity risk self-assessments and remediation activity • Lead real-time monitoring of cybersecurity alerts and events, including investigation and incident response • Manage and maintain security infrastructure including firewalls, IPS, WAF, SIEM, EDR and endpoint controls • Oversee vulnerability management, patching and security hardening across … Cyber Essentials • Strong understanding of UK regulatory expectations, including PRA, FCA, ICO and GDPR • Proven experience with SIEM-led monitoring, threat detection and incident response • Hands-on experience managing firewalls, IPS, WAF, EDR and endpoint security tools • Strong network security knowledge including routing, switching and firewall design • Solid ...

money stops flowing . As Ticketing Operations Manager, you will: Protect revenue by ensuring maximum uptime across all payment and ticketing channels Lead major incident response for payment and ticketing failures Own operational performance across systems used by millions of customers Manage and develop a high-performing operations … incident management team This is a senior operational leadership role with real accountability and influence. Key Responsibilities Lead the day-to-day operational management of all customer-facing ticketing and payment systems, including: Mobile ticketing apps Smartcards EMV/contactless payments Ticket vending machines Take ownership of major incident ...

Network Security Engineer, where you will play a key role in safeguarding our clients’ organisations’ network infrastructure as part of the 24x7 Internal Security Response (ISR) team.When not involved in incident response and triage activity with the SOC team, you will be responsible for designing, implementing … Permanent Location – Stevenage (Onsite Shift work) Salary - £50k (Plus £2k bonus and shift allowance) Keywords: Network Security Engineer, SOC, Security Operations Center, Firewalls, Incident Response, Security Incidents, Networking Principles, Virtual Private Networks, Security Protocols, Vulnerabilities, Threats. Only apply for this role if you currently hold the specific Government ...

fantastic opportunity for individuals with foundational knowledge in cybersecurity or IT support who are eager to advance their careers in threat detection, incident response, and real-time security monitoring. A great time to join a company looking to nurture new cyber talent from tier 1 through to team … actions performed. Review, assess, and prioritize security alerts generated from platforms such as SIEM, EDR, and XDR. Support clients by offering practical advice on incident response and threat containment. Work alongside senior analysts and response teams to drive incidents through to resolution. Examine suspected security events ...

role suits someone who thrives in complexity, owns outcomes, and embraces the challenge of stabilising today while architecting tomorrow. Whether youre resolving a critical incident, strengthening our cyber posture, or driving our cloud migration roadmap, your impact will be felt across the organisation. Salary The spot salary for this … progression opportunities and structured support. About you Proven experience leading IT Operations in complex, multi-system environments. Strong understanding of security frameworks, threat detection, incident response and operational cyber maturity. Experience with IaaS, PaaS, SaaS and hybrid cloud strategies. Technical depth across infrastructure, networking and enterprise systems. Experience ...

mentor and escalation point for Tier 1 and Tier 2 analysts during live operations Support alignment between SOC operations, threat intelligence, and incident response functions Capture operational metrics relating to alert handling efficiency, response delays, and quality issues Identify procedural gaps and contribute to the improvement … playbooks, SOPs, and workflows Assist the incident response function with investigations requiring escalation to embedded internal stakeholders The ideal candidate would have: A strong career background in Cyber Security within an operational SOC environment Experience mentoring, coaching, or providing quality assurance to SOC analysts The ability to lead ...

with the organisation. As part of our Blue Team, you’ll use the latest intelligence and tooling to analyse information systems to ensure effective incident detection and response. Job Description If you are looking to make your mark on a rapidly growing SecOps team with some very exciting clients … keen interest when it comes to technical cybersecurity topics such as threat hunting, attacker tactics and techniques, monitoring and alerting, threat intelligence, and incident readiness and response. Key responsibilities of the role are summarised below: · Security monitoring and incident response · Detection engineering - Develop, maintain, and enhance security ...

activities. Evaluate security risks of third-party vendors, ensuring alignment with internal security requirements. Maintain documentation, evidence, and metrics to support ongoing audit readiness. Incident Response & Awareness Support the development, testing, and refinement of incident response plans. Assist with investigation and reporting of security incidents. Promote ...

organization’s digital environment, using cutting-edge tools like Microsoft Sentinel and Defender. Your role will involve monitoring and responding to security threats, automating incident workflows, and strengthening our endpoint and email security. Key responsibilities of this Cyber Security Analyst includes: Monitor, detect and respond to security alerts using … Microsoft Sentinel, Microsoft Defender, and Ironscales Manage security logs, automate incident responses, oversee endpoint protection, investigate threats, and remediate vulnerabilities Investigate and remediate endpoint threats and vulnerabilities Correlate security events and develop automated playbooks in Sentinel Support threat hunting activities and contribute to incident response efforts Manage ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Essential Experience … alerting tools (e.g., CloudWatch, ELK/Opensearch, Prometheus, Grafana). Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. Ability to collaborate effectively with Development and Test teams, translating requirements into stable and secure ...

fundamental part of your role, where you will detect, analyse, and respond to any cyber security incidents or breaches. This includes managing the incident response process, documenting actions taken, and reporting findings to minimise the impact on our operations. You will also assess and manage the cyber security … guidelines and standards. Conduct continuous monitoring of the Trusts IT systems to detect, analyse, and respond to cybersecurity incidents and breaches. Manage the incident response process, including documentation and reporting, to mitigate risks and minimize the impact of security breaches. Assess and manage cybersecurity risks associated with ...

heart of our cybersecurity strategy. As Operational Security Manager, you'll take ownership of our security operations, overseeing threat intelligence, vulnerability management, incident response and the performance of our outsourced 24/7 SOC. You'll work closely with internal technology teams to embed security into every aspect … infrastructure and change lifecycle, ensuring our defences are proactive, responsive and resilient. From playbook rehearsals to live incident recovery, you'll be the calm in the storm, guiding teams through complex challenges with clarity and confidence. What you'll need to succeed You're a seasoned security professional with ...

operational needs Translate SOC analyst pain points, workflows, and use cases into actionable product features and user stories Design and validate alert prioritization algorithms, incident triage workflows, and automated playbook logic based on operational experience Collaborate with product managers to shape product strategy, roadmap priorities, and feature definitions Conduct … experience as a SOC Analyst, Senior SOC Analyst, or SOC Team Lead Deep understanding of end-to-end SOC operations including alert triage, incident response, threat hunting, and case management Extensive experience with SIEM platforms, security orchestration tools, and the broader SOC technology stack Strong knowledge of threat ...

leads the organisation's cyber security strategy, ensuring strong resilience, compliance, and protection of information assets. You will oversee operations, governance, risk management, and incident response while guiding a high-performing security & infrastructure team. Client Details Our client is a respected not-for-profit UK organisation with … regulatory requirements. Conduct security risk assessments, maintain governance frameworks, and ensure robust oversight. Set, enforce, and update security policies, standards, and technical controls. Lead incident response, including investigation, coordination, remediation, and reporting. Manage supplier assurance, third-party risk, and security obligations within contracts. Plan and support external audits ...

Specialist to support the delivery of security services across a varied client base. This is a client-facing role combining technical delivery, advisory, and incident response within an MSP environment. The successful candidate will help assess risk, implement security controls, support compliance, and respond to cyber threats across … teams to improve overall security posture Essential Experience Background in cyber security within an MSP or multi-client environment Strong understanding of threat detection, incident response, and vulnerability management Hands-on experience securing Microsoft 365/Azure AD Knowledge of EDR, AV, email security, and network security principles ...

services or DevOps tools to continuously enhance infrastructure capabilities. Produce and maintain platform documentation and runbooks, ensuring knowledge is shared and accessible. Contribute to incident response and root cause analysis for infrastructure-related issues. Track and report platform metrics, including performance, cost efficiency, and security posture. Required Skills … security best practices. Experience with monitoring, logging, and alerting tools. Proficiency in scripting or automation languages (Python, Bash, or PowerShell). Track record of incident response and root cause analysis in cloud environments. If you are interested in this position please apply online or for more information contact ...

Overview: We are seeking a motivated Cyber Security Apprentice to join our team in Bedford. You’ll gain hands-on experience supporting threat monitoring, incident response, and security operations while working closely with experienced security engineers. You will be enrolled onto the QA Level 4 Cyber Security Defender … Responder Apprenticeship, which equips learners with proactive defence skills, incident response capability, and hands-on training through labs and the Discover Practise Apply model. Responsibilities: Monitor basic security alerts and escalate potential threats. Assist with incident triage, evidence gathering, and documentation. Support vulnerability checks and track remediation ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

procedures, controls, and governance Identification, analysis, and prioritisation of cyber risks and vulnerabilities across on-prem, cloud, and third-party environments Advisory support for incident response planning, crisis management exercises, and resilience improvements Support to SOC operations, including process improvement and escalation protocols Supplier and third-party security … Strong hands-on background in cybersecurity governance, risk management, and security operations Proven experience delivering cybersecurity assessments, audits, and improvement programmes Demonstrable experience with incident response, crisis management, and cyber resilience planning Experience assessing supplier and third-party cybersecurity risk across the supply chain Strong understanding of recognised ...

specific and relevant security data points Participate in an on-call rotation and assist with troubleshooting issues that arise Defining and implementing a Security Incident Response process/policy with regular evolvement, testing and adherence Required Qualifications Three years or more experience in Cloud Infrastructure roles (predominantly … team Advantageous Qualifications AWS Certified Security Specialist Hands on experience designing and implementing security controls within GCP Experience defining and operating a Security Incident Response process Good knowledge of monitoring and alerting using one or more of: Graphite, Statsd, Prometheus, Grafana, OpenSearch Any experience of ISO27001 certification processes ...

working from Sheffield + £550 to £570 per day + Inside IR35 Key Skills: + 3rd/4th Line Support to M365 Copilot + Incident response Job Description: Provide 3rd/4th Line Operational Support for M365 Copilot across HSBC's tenant. Providing incident response via complex troubleshooting, policy/configuration changes and mass deployments throughout the organisation. Key Responsibilities: + Incident & Problem Management: Triage and resolve complex M365 escalations/Multi User Incidents (usage, access errors, unexpected results). Root cause analysis across M365 Admin Centre, Entra, Conditional Access, SharePoint/OneDrive ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...

both technical and non-technical stakeholders. You will be part of a global Cyber Technical Services team, collaborating closely with Threat Intelligence and Incident Response specialists across National Security and Defence programmes. What You'll Be Doing as a Security Testing Consultant (SC) Deliver end-to-end security … place Develop and improve scripts, tools, and techniques to enhance testing capability Share knowledge and collaborate with colleagues across cyber, threat intelligence, and incident response teams Support testing across National Security, Defence, and Critical Infrastructure environments Essential Skills & Experience Proven experience working as a Security Testing Consultant ...